From what I was told, bitcoin is using one of the 160 bit hashes for generating bitcoin address.
The SHA-1 family of hash algorithms are some of the most commonly used. SHA-1 is a 160 bit hash.
Here is a paper that claims to find SHA-1 collisions in 2^52 crypto operations. And optimally secure hash would take 2^80 operations. 2^52 time is still large, but it is getting into cluster and botnet range.
http://www.ictlex.net/wp-content/iacrhash.pdf
The MD5 hashes can already be crashed in seconds on laptops. That was why it was retired from certificate based signatures.
And yes what I’m saying is I think you can think of a public key as two secret numbers mathematically combined together. And the private key as those two numbers kept separately. The thing that make the system secure requires that the two secret numbers be really large prime numbers.
But if they are really large non-prime numbers the combination math still works, it is just must faster to break the algorithm.
I’ll do a little more googling and see if I can substantiate my claims. I was hoping someone could dismiss them out of hand though.